<?php
/**
* This is the Authentication class. It's pretty basic, but should expand as roles etc are better implemented. 
*
* $Id: Auth.php 45 2005-05-23 21:41:12Z vluther $ 				
* @package includes
* @version $Rev: 45 $
* @copyright Copyright &copy; 2000-2007, Linuxpowered, Inc               
* @author Vidyut Luther <vid@linuxpowered.com> 
**/

	class Auth 
	{

		var $_strFirstname ; 
		var $_strLastname; 
		var $_strEmail ; 
		var $_username; 
		var $_password; 
		var $_verified ; 
		var $_activeSession ; 
		var $_authTable ;
		var $_userid ; 
		var $_strUserLevel ; 
	
		function Auth() 
		{
			$this->_userid = null ; 
			$this->_username = null ; 
			$this->_password = null ; 
			$this->_verified = null ; 
			$this->_strUserLevel = null ; 
			$this->_authTable = "users" ; 	
			
		}
		
		function mDisplayLoginForm() 
		{

			global $tpl ; 
			$tpl->display(TEMPLATE_PATH."/loginform.html");
      $tpl->display(TEMPLATE_PATH."/footer.html");  
		}
		
		function mSetUserId($userid)
		{
			$this->_userId = $userid ; 
		}
		
		function mSetUsername($username)
		{
			$this->_username = $username; 
		}
		
		function mSetPassword($password)
		{
			$this->_password=$password ; 
		}
		
		function mGetUsername()
		{
			
		}
		
		function setUserLevel($level)
		{
			$this->_strUserLevel = $level ; 
		}
		function mLoadId()
		{
			global $db; 
			$table = $this->_authTable; 
			$userid = $this->_userId ; 
			$sql = "select firstname,lastname,email,level from $table where userid = '$userid'"; 
			$rs = $db->mRun($sql); 
			
			while($row = mysql_fetch_assoc($rs)) { 
			
				$this->_strFirstname = $row['firstname']; 
				$this->_strLastname = $row['lastname']; 
				$this->_strEmail = $row['email']; 
				$this->setUserLevel($row['level']);		
			}
			
		}
		function misAuthorized()
		{
			global $db ; 
			$table = $this->_authTable; 
			
			$user  = $this->_username; 
			$pass = $this->_password; 
			$sql = "select * from $table where email='$user' AND password='$pass'"; 
			#echo $sql ; 
			$result = $db->mRun($sql) ; 
	    require_once (INCLUDE_PATH.'/Log.php'); 
      $conf = array('mode' => 0600, 'timeFormat' => '%X %x');
      $log  = &Log::singleton('file', BASEDIR.'/logs/user.log', 'test1', $conf, LOG_INFO);
      $log->log("Attempting to Authenticate : $user with secret password ",LOG_INFO);  
			
		
			if($db->_NumRows == "1") {
				$_SESSION['Authorized'] = "1"; 
				while($row=mysql_fetch_assoc($result)) {
					$level = $row['level']; 
					$userid = $row['userid']; 
					$firstname = $row['firstname']; 
					$lastname = $row['lastname']; 	
					$_SESSION['USERID'] = $userid ; 
					$_SESSION['userlevel'] = $level ; 	
				}
		       
               
        $urlto = BASE_URL . "/index.php"; 
				header("Location: $urlto");
			
				$log->close(); 
			}
			
			
		}
		
		
		
		
	}



?>
